ID CVE-2004-0918
Summary The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
References
Vulnerable Configurations
  • OpenPKG 2.1
    cpe:2.3:a:openpkg:openpkg:2.1
  • OpenPKG 2.2
    cpe:2.3:a:openpkg:openpkg:2.2
  • cpe:2.3:a:openpkg:openpkg:current
    cpe:2.3:a:openpkg:openpkg:current
  • cpe:2.3:a:squid:squid:2.0_patch2
    cpe:2.3:a:squid:squid:2.0_patch2
  • cpe:2.3:a:squid:squid:2.1_patch2
    cpe:2.3:a:squid:squid:2.1_patch2
  • cpe:2.3:a:squid:squid:2.3_.stable4
    cpe:2.3:a:squid:squid:2.3_.stable4
  • cpe:2.3:a:squid:squid:2.3_.stable5
    cpe:2.3:a:squid:squid:2.3_.stable5
  • cpe:2.3:a:squid:squid:2.4
    cpe:2.3:a:squid:squid:2.4
  • cpe:2.3:a:squid:squid:2.4_.stable2
    cpe:2.3:a:squid:squid:2.4_.stable2
  • cpe:2.3:a:squid:squid:2.4_.stable6
    cpe:2.3:a:squid:squid:2.4_.stable6
  • cpe:2.3:a:squid:squid:2.4_.stable7
    cpe:2.3:a:squid:squid:2.4_.stable7
  • cpe:2.3:a:squid:squid:2.5_.stable1
    cpe:2.3:a:squid:squid:2.5_.stable1
  • cpe:2.3:a:squid:squid:2.5_.stable3
    cpe:2.3:a:squid:squid:2.5_.stable3
  • cpe:2.3:a:squid:squid:2.5_.stable4
    cpe:2.3:a:squid:squid:2.5_.stable4
  • cpe:2.3:a:squid:squid:2.5_.stable5
    cpe:2.3:a:squid:squid:2.5_.stable5
  • cpe:2.3:a:squid:squid:2.5_.stable6
    cpe:2.3:a:squid:squid:2.5_.stable6
  • cpe:2.3:a:squid:squid:3.0_pre1
    cpe:2.3:a:squid:squid:3.0_pre1
  • cpe:2.3:a:squid:squid:3.0_pre2
    cpe:2.3:a:squid:squid:3.0_pre2
  • cpe:2.3:a:squid:squid:3.0_pre3
    cpe:2.3:a:squid:squid:3.0_pre3
  • Gentoo Linux
    cpe:2.3:o:gentoo:linux
  • cpe:2.3:o:redhat:fedora_core:core_2.0
    cpe:2.3:o:redhat:fedora_core:core_2.0
  • Trustix Secure Linux 1.5
    cpe:2.3:o:trustix:secure_linux:1.5
  • Trustix Secure Linux 2.0
    cpe:2.3:o:trustix:secure_linux:2.0
  • Trustix Secure Linux 2.1
    cpe:2.3:o:trustix:secure_linux:2.1
  • cpe:2.3:o:ubuntu:ubuntu_linux:4.1:-:ia64
    cpe:2.3:o:ubuntu:ubuntu_linux:4.1:-:ia64
  • cpe:2.3:o:ubuntu:ubuntu_linux:4.1:-:ppc
    cpe:2.3:o:ubuntu:ubuntu_linux:4.1:-:ppc
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_SQUID_257.NASL
    description The following package needs to be updated: squid
    last seen 2016-09-26
    modified 2011-10-03
    plugin id 15497
    published 2004-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15497
    title FreeBSD : squid -- SNMP module denial-of-service vulnerability (184)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_65E99F521C5F11D9BC4A000C41E2CDAD.NASL
    description The Squid-2.5 patches page notes : If a certain malformed SNMP request is received squid restarts with a Segmentation Fault error. This only affects squid installations where SNMP is explicitly enabled via 'make config'. As a workaround, SNMP can be disabled by defining 'snmp_port 0' in squid.conf. Squid security advisory SQUID-2008:1 explains that Squid-3 versions up to and including Squid-3.0.STABLE6 are affected by this error, too.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 36251
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36251
    title FreeBSD : squid -- SNMP module denial-of-service vulnerability (65e99f52-1c5f-11d9-bc4a-000c41e2cdad)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-576.NASL
    description Several security vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-1999-0710 It is possible to bypass access lists and scan arbitrary hosts and ports in the network through cachemgr.cgi, which is installed by default. This update disables this feature and introduces a configuration file (/etc/squid/cachemgr.conf) to control this behavior. - CAN-2004-0918 The asn_parse_header function (asn1.c) in the SNMP module for Squid allows remote attackers to cause a denial of service via certain SNMP packets with negative length fields that causes a memory allocation error.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 15674
    published 2004-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15674
    title Debian DSA-576-1 : squid - several vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200410-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-200410-15 (Squid: Remote DoS vulnerability) A parsing error exists in the SNMP module of Squid where a specially crafted UDP packet can potentially cause the server to restart, closing all current connections. This vulnerability only exists in versions of Squid compiled with the 'snmp' USE flag. Impact : An attacker can repeatedly send these malicious UDP packets to the Squid server, leading to a denial of service. Workaround : Disable SNMP support or filter the port that has SNMP processing (default is 3401) to allow only SNMP data from trusted hosts. To disable SNMP support put the entry snmp_port 0 in the squid.conf configuration file. To allow only the local interface to process SNMP, add the entry 'snmp_incoming_address 127.0.0.1' in the squid.conf configuration file.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 15512
    published 2004-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15512
    title GLSA-200410-15 : Squid: Remote DoS vulnerability
  • NASL family Firewalls
    NASL id SQUID_RDOS.NASL
    description The remote Squid caching proxy, according to its version number, may be vulnerable to a remote denial of service attack. This flaw is caused due to an input validation error in the SNMP module, and exploitation requires that Squid not only was built to support it but also configured to use it. An attacker can exploit this flaw to crash the server with a specially crafted UDP packet. Note that Nessus reports this vulnerability using only the version number in Squid's banner, so this might be a false positive.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 15463
    published 2004-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15463
    title Squid SNMP Module asn_parse_header() Function Remote DoS
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-591.NASL
    description An updated squid package that fixes a remote denial of service vulnerability is now available. Squid is a full-featured Web proxy cache. iDEFENSE reported a flaw in the squid SNMP module. This flaw could allow an attacker who has the ability to send arbitrary packets to the SNMP port to restart the server, causing it to drop all open connections. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0918 to this issue. All users of squid should update to this erratum package, which contains a backport of the security fix for this vulnerability.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 15533
    published 2004-10-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15533
    title RHEL 2.1 / 3 : squid (RHSA-2004:591)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-6045.NASL
    description CVE-2004-0918 Squid SNMP DoS Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 33410
    published 2008-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33410
    title Fedora 9 : squid-3.0.STABLE7-1.fc9 (2008-6045)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-19-1.NASL
    description Recently, two Denial of Service vulnerabilities have been discovered in squid, a WWW proxy cache. Insufficient input validation in the NTLM authentication handler allowed a remote attacker to crash the service by sending a specially crafted NTLMSSP packet. Likewise, due to an insufficient validation of ASN.1 headers, a remote attacker could restart the server (causing all open connections to be dropped) by sending certain SNMP packets with negative length fields. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20602
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20602
    title Ubuntu 4.10 : squid vulnerabilities (USN-19-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-112.NASL
    description iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through the validations performed by the ASN1 parser, leading to the server assuming there is heap corruption or some other exceptional condition, and closing all current connections then restarting. Squid 2.5.STABLE7 has been released to address this issue; the provided packages are patched to fix the issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 15547
    published 2004-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15547
    title Mandrake Linux Security Advisory : squid (MDKSA-2004:112)
oval via4
accepted 2013-04-29T04:10:03.491-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
description The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
family unix
id oval:org.mitre.oval:def:10931
status accepted
submitted 2010-07-09T03:56:16-04:00
title The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
version 24
redhat via4
advisories
rhsa
id RHSA-2004:591
refmap via4
bid 11385
conectiva CLA-2005:923
confirm
fedora
  • FEDORA-2008-6045
  • FLSA-2006:152809
gentoo GLSA-200410-15
idefense 20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability
openpkg OpenPKG-SA-2004.048
sco SCOSA-2005.16
secunia
  • 30914
  • 30967
suse SUSE-SR:2008:014
vupen ADV-2008-1969
xf squid-snmp-asnparseheader-dos(17688)
Last major update 17-10-2016 - 22:49
Published 27-01-2005 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top